| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1030
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1041
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The destination path of the built-in volume was not being created
but a relabel was being attempted on it, this was causing issues
with all images that have built-in volumes.
This patch fixes that and ensures the destination volume path
is created.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1026
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we run containers in detach mode, nothing cleans up the network stack or
the mount points. This patch will tell conmon to execute the cleanup code when
the container exits.
It can also be called to attempt to cleanup previously running containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #942
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1012
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1013
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of setting the --registry flag to search a single registry,
prefix the registry before the image name in the input, an example is
`podman search registry.fedoraproject.org/fedora` and this will search for
the fedora image in only registry.fedoraproject.org.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1011
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #981
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
Also start using podmin in /usr/libexec/podman rather then crio.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #979
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
Also podman ps now allows user to only output size of root FS, changed language of images and ps --sort to be by "created" as opposed to "time", and refactored the way templates are created (converted from psJSONParams type).
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #948
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #952
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
podman images will not show intermediate images by default.
To view all images, including intermediate images created during
a build, use the --all flag.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #947
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make the output of top tabular to be compatible with Docker. Please
note, that any user-input for `GetContainerPidInformation(...)` will be
ignored until we have found a way to generically and reliably parse ps-1
output or until there is a go-lib to extract all the data from /proc in
a ps-1 compatible fashion.
Fixes: #458
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #939
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #932
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #871
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #944
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #937
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
podman run command screws up we should get 125
podman run command succeeds but command in container fails to exec 126
podman run command succeeds but command exits with non 0 exit code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #921
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #904
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #910
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add following test cases for security-opt:
- Check default selinux value
- Disable security options in container
- Setup selinux type in security-opt
- Disable seccomp protection
- Configure custom seccomp.json
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
This function is used to write json format configure files.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Use function in opencontainers/selinux/go-selinux to check the
selinux status in our test.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Also add annotations from the image the container was created
from.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #886
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we are giving all caps to users when running with podman run --user,
They should get none by default. If the command line includes --cap-add, then
we need to run with those capabilties. Similarly we need to drop caps from
bounding set, if user specifies --cap-drop
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #851
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
| |
The docker-archive tar files can have multiple tags for the same
image stored in it. Load pulls all the tags found in the archive
when loading a tar file. Save can oush multiple tags of the same
image to a tar archive.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #819
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #831
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we're given a numeric --user value, default to GID 0 if the numeric
ID doesn't correspond to a user entry in /etc/passwd that can provide us
with the user's primary group ID.
Make sure that GetAdditionalGroupsForUser() returns wrapped errors.
Also test various user:group forms.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #728
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
* Replaced by tests in libpod/contrib/python/test
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #766
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the user uses the image ID when saving to either docker-archive
or oci-archive, then do not save a reference in the manifest/index.json.
If the user chooses to push without an image reference, i.e <transport>:<path>
it should be valid and succeed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #782
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #760
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Until we get Systemd cgroup manager working, this will
cause a validation error.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #507
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #690
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
If the user does not provide a host port when adding -p to create/run, podman should inject an available random port.
podman run -p 80 .... podman should assign a random port to the host and expose the container port 80 to it
Signed-off-by: baude <bbaude@redhat.com>
Closes: #703
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
when performing a container commit, we should not add the default list of volumes
for a container to the resulting image. it will cause the resulting image to crash
when run subsequently.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #699
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
file names for podman load, save, export, and import cannot
contain ":" in them. It is a reserved character for parsing
filenames.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #694
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor in buildah and use as much of commit and bug as possible for podman
build and commit.
Resolves #586
Signed-off-by: baude <bbaude@redhat.com>
Closes: #681
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
- CI does not support systemd-cat
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #683
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Allow unittest's to run as normal user
- Refactor tests to use unittest features
- Refactor tests to use fixtures to track resources
- Update test runner script to clean up on failure
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #683
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
The hidden flag is used to override the path of the default mounts file
for testing purposes.
Also modified the secrets pkg to allow for this override to happen.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #678
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
If an integer is passed into the --user flag, i.e --user=1234
don't look up the user in /etc/passwd, just assign the integer as the uid.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #652
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Add search test with filter stars, is-automated and is-official.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #662
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Add --no-trunc to the command line and add output check for the
lines not include "..." with this flag.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #662
Approved by: rhatdan
|
|\
| |
| | |
Add FIPS mode secret
|
| |
| |
| |
| |
| |
| |
| |
| | |
If the host is in FIPS mode and /etc/system-fips exists
/run/secrets/system-fips is created in the container so that
the container can run in FIPS mode as well.
Signed-off-by: umohnani8 <umohnani@redhat.com>
|
|\ \
| |/
|/| |
Restart test Improve
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Test the --timeout flag with a container which can not be stopped with
SIGSTOP. This means the container should can not be stopped and will be
killed then restart with timeout value. Test steps:
Start a container with STOPSIGNAL=SIGKILL
Restart it with --timeout set to 2s
Check the restart command will finished more than 2s and less than
10s(the default timeout)
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove the --latest from the restart running container test, and
add a separated case with following steps:
start two container in order: test1, test2
restart container with --latest
check the start time for test1 and test2
And the results should be test1 is not restarted and test2 is restarted.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
| |
| |
| |
| |
| |
| | |
Check the start time changed after restart the container.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|